1. Field of the Invention
The present invention relates generally to network security and, more particularly, to attestation of properties of a remote system.
2. Description of the Background Art
A principal goal in trusted computing is to provide a user, resource owner, or service provider with reliable knowledge about a system. Through evaluation of the identity and integrity of a system, evidence is produced that the target will not engage in some class of misbehaviors.
Current attestation systems are components of computer systems that permit reliable statements of evidence about those systems to be conveyed to remote parties, including other computers. Through evaluation of the identity and integrity of a system, evidence is produced that the target will not engage in defined classes of misbehaviors. An example of a current attestation system is the remote attestation system developed by the Trusted Computing Group (TCG). The TCG introduced the Trusted Platform Module (TPM) and the associated concept of remote attestation. Remote attestation may be used to address a number of trust problems, including guaranteed invocation of software, delivery of premium content to trusted clients, assuaging mutual suspicion between clients, and more. As the requirements of applications cannot be known a priori, attestation systems and measurement systems alike must be flexible, providing for privacy, completeness of measurement, and trust in the basic collection and reporting mechanisms.
Existing attestation systems are narrowly focused and generally aimed at specific use-cases, and therefore typically lack the flexibility to address more general attestation problems. Existing definitions of attestation likewise focus primarily on describing the specific, narrow properties desirable in those use-cases. Current attestation systems are created to work with one particular measurement system targeting one particular system of interest.
What is needed is an attestation architecture and system to enable trust in systems that are not monolithic and are made up of diverse hardware and software platforms. Also, each party to a given system's attestation desires its own measurements of its peers and of itself. A property that is sufficient for one party to use as evidence for a trust decision may not be sufficient for another; a set of information one user has no problem providing might cause privacy concerns for another. These varying needs are directly driven by what each party has at stake. The more one has to lose by inappropriate disclosure or incomplete knowledge, the stricter one's needs will be regarding privacy or complete measurement. Parties with strong demands of each other regarding authentication and measurement may be willing to give up more of their own private information in order to achieve their goals.
Accordingly, what is desired are attestation architectures and systems that are flexible enough to accommodate varying concepts of attestation. What is further needed are attestation systems designed around composable components that permit a flexible recombination of components to meet new needs. What is desired is an attestation architecture that can be used to design attestation systems which handle complex attestation scenarios and provide more complete attestation than is currently achievable.